Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
emberjs ember.js vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2013-4170
In general, Ember.js escapes or strips any user-supplied content before inserting it in strings that will be sent to innerHTML. However, the `tagName` property of an `Ember.View` was inserted into such a string without being sanitized. This means that if an application assigns a ...
Emberjs Ember.js 1.0.0
Emberjs Ember.js
5.4
CVSSv3
CVE-2014-0014
Ember.js 1.0.x prior to 1.0.1, 1.1.x prior to 1.1.3, 1.2.x prior to 1.2.1, 1.3.x prior to 1.3.1, and 1.4.x prior to 1.4.0-beta.2 allows remote malicious users to conduct cross-site scripting (XSS) attacks by leveraging an application using the "{{group}}" Helper and a c...
Emberjs Ember.js 1.2.0
Emberjs Ember.js 1.3.0
Emberjs Ember.js 1.4.0
Emberjs Ember.js 1.1.2
Emberjs Ember.js 1.1.1
Emberjs Ember.js 1.1.0
Emberjs Ember.js 1.0.0
5.4
CVSSv3
CVE-2014-0013
Ember.js 1.0.x prior to 1.0.1, 1.1.x prior to 1.1.3, 1.2.x prior to 1.2.1, 1.3.x prior to 1.3.1, and 1.4.x prior to 1.4.0-beta.2 allows remote malicious users to conduct cross-site scripting (XSS) attacks by leveraging an application that contains templates whose context is set t...
Emberjs Ember.js 1.2.0
Emberjs Ember.js 1.3.0
Emberjs Ember.js 1.4.0
Emberjs Ember.js 1.1.2
Emberjs Ember.js 1.1.1
Emberjs Ember.js 1.1.0
Emberjs Ember.js 1.0.0
1 Github repository
6.1
CVSSv3
CVE-2015-1866
Cross-site scripting (XSS) vulnerability in Ember.js 1.10.x prior to 1.10.1 and 1.11.x prior to 1.11.2.
Emberjs Ember.js 1.11.0
Emberjs Ember.js 1.10.0
Emberjs Ember.js 1.11.1
6.1
CVSSv3
CVE-2015-7565
Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x up to and including 1.10.x, 1.11.x prior to 1.11.4, 1.12.x prior to 1.12.2, 1.13.x prior to 1.13.12, 2.0.x prior to 2.0.3, 2.1.x prior to 2.1.2, and 2.2.x prior to 2.2.1 allows remote malicious users to inject arbitrary w...
Emberjs Ember.js 1.13
Emberjs Ember.js 1.11.3
Emberjs Ember.js 1.10.1
Emberjs Ember.js 1.13.10
Emberjs Ember.js 1.13.5
Emberjs Ember.js 1.8
Emberjs Ember.js 2.1.1
Emberjs Ember.js 2.0.2
Emberjs Ember.js 1.13.2
Emberjs Ember.js 1.11.1
Emberjs Ember.js 1.13.9
Emberjs Ember.js 2.1
Emberjs Ember.js 2.2
Emberjs Ember.js 1.11
Emberjs Ember.js 1.9.1
Emberjs Ember.js 1.12.1
Emberjs Ember.js 2.0
Emberjs Ember.js 1.9
Emberjs Ember.js 1.10
Emberjs Ember.js 1.13.1
Emberjs Ember.js 1.13.4
Emberjs Ember.js 1.13.6
NA
CVE-2014-0046
Cross-site scripting (XSS) vulnerability in the link-to helper in Ember.js 1.2.x prior to 1.2.2, 1.3.x prior to 1.3.2, and 1.4.x prior to 1.4.0-beta.6, when used in non-block form, allows remote malicious users to inject arbitrary web script or HTML via the title attribute.
Emberjs Ember.js 1.2.0
Emberjs Ember.js 1.4.0
Emberjs Ember.js 1.3.1
Emberjs Ember.js 1.2.1
Emberjs Ember.js 1.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started